On September 18, 2023, household cleaning product giant, Clorox, sent shockwaves through the industry when it revealed a cyberattack that had occurred a month earlier was still causing significant production disruptions. The attack had damaged critical parts of Clorox’s IT infrastructure, resulting in extensive operational upheaval, despite the implementation of their business continuity plans. Although we cannot definitively confirm it, the incident bore all the hallmarks of a ransomware attack.
This situation serves as a stark reminder of the growing cybersecurity risks faced by manufacturers due to the increasing integration of Information Technology (IT) and Operational Technology (OT) systems. The impact of a successful cyberattack on manufacturers should not be underestimated, and it is a challenge that is here to stay. According to Statista, in 2022, manufacturing accounted for nearly 25% of all cyberattacks among targeted industries worldwide.
Five Key Takeaways
Here are 5 things that we can learn from this event.
Risk Assessment
Manufacturers need to prioritize conducting information security risk assessments. These assessments should evaluate the likelihood and potential impact of identified risks on the organization. Additionally, they should identify the technical and administrative controls in place to mitigate these risks. The findings from these assessments enable organizations to allocate their resources effectively, addressing areas with the highest residual risk. Moreover, it can build credibility with stakeholders, securing the necessary investments for critical cybersecurity controls.
Incident Response Plan
While preventive controls are crucial, manufacturers should also invest in incident response capabilities. Establishing a Security Incident Response Team (SIRT) and documenting an Incident Response Plan (IRP) is imperative. To ensure preparedness, organizations must conduct incident response tabletop exercises regularly. This practice helps teams refine their response plans to be more prepared for real-world cyber incidents.
Network Segmentation
To mitigate the impact of a cybersecurity attack, manufacturers should implement network segmentation. This involves isolating critical operational technology (OT) systems from other internal systems, such as employee workstations, laptops, mobile devices, and servers. Careful restrictions on network communications should be imposed, allowing only necessary connections for required functionality. Such segmentation minimizes the risk of a cyberattack spilling over into the operational technology that drives production processes.
User Awareness
According to the 2023 Verizon Data Breach Investigation Report, the human element plays a role in 82% of data breaches, often through methods like email phishing and other forms of social engineering. Manufacturers need to invest in ongoing user awareness programs that provide short, interactive training to employees. These programs should also include periodic social engineering tests to assess and employees’ abilities to identify and report suspicious emails and other social engineering attempts.
Business Continuity
Manufacturers should establish a robust Business Continuity Program (BCP) as part of their cybersecurity strategy. A critical component of this program is the Business Impact Analysis (BIA), which identifies essential business functions and their dependencies, including technological aspects like network infrastructure and applications. The BIA assesses the impact of unavailability for each critical process and sets Recovery Time Objectives (RTOs) and Recovery Point Objectives (RPOs). With this information, IT leaders can design recovery capabilities tailored to meet the business’s needs.
Securing Your Manufacturing Company: Key Lessons from the Clorox Breach
The Clorox cyberattack serves as a forecast of the challenges manufacturers face in today’s digitally interconnected world. The lessons learned from this incident are important. By conducting risk assessments, building incident response plans, implementing network segmentation, enhancing user awareness, and establishing business continuity programs, manufacturers can reinforce their defenses against cyber threats. In a landscape where cyberattacks show no signs of slowing down, best practices like these are essential to safeguarding operations, reputation, and the bottom line. Don’t wait until it’s too late. Contact Hartman Executive Advisors today to discuss how we can help your manufacturing company improve its cybersecurity and safeguard its operations, reputation, and bottom line.
